A company has decided to implement an electronic signature scheme based on public key infrastructure. The user

adminJanuary 30, 2019

A company has decided to implement an electronic signature scheme based on public key infrastructure. The users private key will be stored on the computers hard drive and protected by a password. The MOST significant risk of this approach is:

A. use of the users electronic signature by another person if the password is compromised.

B. forgery by using another users private key to sign a message with an electronic signature.

C. impersonation of a user by substitution of the users public key with another persons public key.

D. forgery by substitution of another persons private key on the computer.

Explanation:

The users digital signature is only protected by a password. Compromise of the password would enable access to the signature. This is the most significant risk. Choice B would require subversion of the public key infrastructure mechanism, which is very difficult and least likely.

Choice C would require that the message appear to have come from a different person and therefore the true users credentials would not be forged. Choice D has the same consequence as choice C.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISACA Exam Questions

Free ISACA Study Guide

A company has decided to implement an electronic signature scheme based on public key infrastructure. The user

Leave a Reply Cancel reply